Lucene search
K

31 matches found

CNNVD
CNNVD
added 2026/01/13 12:0 a.m.6 views

HTC VIVE Runtime Service 代码问题漏洞

HTC VIVE Runtime Service is a core backend driver from HTC Corporation. A code issue vulnerability exists in HTC VIVE Runtime Service version 1.0.0.4, which stems from the service path being unquoted, and could lead to a local user executing arbitrary code and elevating system privileges...

8.5CVSS6.1AI score0.00169EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/01/09 9:2 a.m.6 views

CVE-2023-25177

Delta Electronics' CNCSoft-B DOPSoft versions 1.0.0.4 and prior are vulnerable to stack-based buffer overflow, which could allow an attacker to execute arbitrary code...

7.8CVSS7.7AI score0.00347EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/07 9:11 a.m.7 views

CVE-2025-1929

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Risk Yazılım Teknolojileri Ltd. Şti. Reel Sektör Hazine ve Risk Yönetimi Yazılımı allows SQL Injection, CAPEC - 7 - Blind SQL Injection. This issue affects Reel Sektör Hazine ve Risk Yönetimi...

7.2CVSS5.6AI score0.00426EPSS
Exploits0References1
EUVD
EUVD
added 2025/12/30 4:2 p.m.4 views

EUVD-2025-205819

A vulnerability was determined in Tenda W6-S 1.0.0.4510. This impacts an unknown function of the file /bin/httpd of the component R7websSsecurityHandler. Executing manipulation of the argument Cookie can lead to stack-based buffer overflow. The attack may be launched remotely. The exploit has bee...

10CVSS6.8AI score0.03923EPSS
Exploits1References6
CNNVD
CNNVD
added 2025/12/30 12:0 a.m.8 views

Tenda W6-S 操作系统命令注入漏洞

Tenda W6-S is a wireless access point device from Tenda China. An OS command injection vulnerability exists in Tenda W6-S version 1.0.0.4, which originates from an incorrect operation of the file /goform/ate in the component ATE Service, which could lead to os command injection...

8.8CVSS6.9AI score0.0326EPSS
Exploits1References5
Positive Technologies
Positive Technologies
added 2025/12/30 12:0 a.m.8 views

PT-2025-54180

A vulnerability was found in Tenda W6-S 1.0.0.4510. This affects the function TendaAte of the file /goform/ate of the component ATE Service. Performing manipulation results in os command injection. The attack may be initiated remotely. The exploit has been made public and could be used...

6.5CVSS7AI score0.0326EPSS
Exploits1References7
CNNVD
CNNVD
added 2025/12/30 12:0 a.m.5 views

Tenda W6-S 安全漏洞

Tenda W6-S is a wireless access point device from Tenda China. A security vulnerability exists in Tenda W6-S version 1.0.0.4, which originates from an incorrect manipulation of the file /bin/httpd parameter cookie in the component R7websSecurityHandler, which could result in a stack buffer overfl...

10CVSS7.6AI score0.03923EPSS
Exploits1References5
Positive Technologies
Positive Technologies
added 2025/12/29 12:0 a.m.8 views

PT-2025-53720

Name of the Vulnerable Software and Affected Versions Tenda W6-S version 1.0.0.4510 Description A stack-based buffer overflow exists in the R7websSsecurityHandler component of Tenda W6-S. The issue is located in the file /bin/httpd. Manipulation of the Cookie argument can trigger the overflow. Th...

10CVSS9.8AI score0.03923EPSS
Exploits1References12
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2025-25017

Malicious code in bioql PyPI...

7.2CVSS6.6AI score0.00426EPSS
Exploits0References1
NVD
NVD
added 2025/08/15 12:15 p.m.10 views

CVE-2025-1929

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Risk Yazılım Teknolojileri Ltd. Şti. Reel Sektör Hazine ve Risk Yönetimi Yazılımı allows SQL Injection, CAPEC - 7 - Blind SQL Injection. This issue affects Reel Sektör Hazine ve Risk Yönetimi...

7.2CVSS0.00426EPSS
Exploits0References2
CVE
CVE
added 2025/08/15 12:6 p.m.21 views

CVE-2025-1929

CVE-2025-1929 concerns an SQL injection in Reel Sektör Hazine ve Risk Yönetimi Yazılımı (Risk Yazılım Teknolojileri Ltd. Şti.) through version 1.0.0.4. The issue is described as improper neutralization of special elements used in an SQL command, i.e., a blind SQL injection (CAPEC-7). Connected so...

7.2CVSS5.6AI score0.00426EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2025/08/15 12:6 p.m.6 views

CVE-2025-1929

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Risk Yazılım Teknolojileri Ltd. Şti. Reel Sektör Hazine ve Risk Yönetimi Yazılımı allows SQL Injection, CAPEC - 7 - Blind SQL Injection. This issue affects Reel Sektör Hazine ve Risk Yönetimi...

7.2CVSS5.6AI score0.00426EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2025/08/15 12:6 p.m.5 views

CVE-2025-1929 SQLi in RiskTurk's Treasury Management Software

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Risk Yazılım Teknolojileri Ltd. Şti. Reel Sektör Hazine ve Risk Yönetimi Yazılımı allows SQL Injection, CAPEC - 7 - Blind SQL Injection. This issue affects Reel Sektör Hazine ve Risk Yönetimi...

7.2CVSS5.6AI score0.00426EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/08/15 12:6 p.m.11 views

CVE-2025-1929 SQLi in RiskTurk's Treasury Management Software

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Risk Yazılım Teknolojileri Ltd. Şti. Reel Sektör Hazine ve Risk Yönetimi Yazılımı allows SQL Injection, CAPEC - 7 - Blind SQL Injection. This issue affects Reel Sektör Hazine ve Risk Yönetimi...

7.2CVSS0.00426EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/08/15 12:0 a.m.6 views

Riskturk Reel Sektör Hazine ve Risk Yönetimi SQL注入漏洞

Riskturk Reel Sektör Hazine ve Risk Yönetimi is a risk management software from the Turkish company Riskturk Reel. A SQL injection vulnerability exists in Riskturk Reel Sektör Hazine ve Risk Yönetimi 1.0.0.4 and earlier versions, which stems from improper handling of special elements and could le...

7.2CVSS7.8AI score0.00426EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2025/08/15 12:0 a.m.11 views

PT-2025-33479 · Unknown · Reel Sektör Hazine Ve Risk Yönetimi Yazılımı

Name of the Vulnerable Software and Affected Versions: Reel Sektör Hazine ve Risk Yönetimi Yazılımı versions through 1.0.0.4 Description: Improper neutralization of special elements used in an SQL command 'SQL Injection' vulnerability exists in Reel Sektör Hazine ve Risk Yönetimi Yazılımı, allowi...

7.2CVSS6.7AI score0.00426EPSS
Exploits0References4
OSV
OSV
added 2024/03/01 1:15 a.m.5 views

CVE-2024-1941

Delta Electronics CNCSoft-B versions 1.0.0.4 and prior are vulnerable to a stack-based buffer overflow, which may allow an attacker to execute arbitrary code...

7.8CVSS6.3AI score0.00739EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2023/12/22 12:0 a.m.4 views

PT-2023-8818 · Delta Electronics · Cncsoft-B

Name of the Vulnerable Software and Affected Versions: Delta Electronics CNCSoft-B versions 1.0.0.4 and prior Description: The issue is caused by a stack-based buffer overflow in the CNCSoft-B software, which may allow an attacker to execute arbitrary code. This can be exploited by remote...

7.8CVSS8AI score0.00739EPSS
Exploits0References7
OSV
OSV
added 2023/06/07 9:15 p.m.2 views

CVE-2023-24014

Delta Electronics' CNCSoft-B DOPSoft versions 1.0.0.4 and prior are vulnerable to heap-based buffer overflow, which could allow an attacker to execute arbitrary code...

7.8CVSS6.2AI score0.0023EPSS
Exploits0References1
CNNVD
CNNVD
added 2023/06/07 12:0 a.m.5 views

Delta Electronics DOPSoft 缓冲区错误漏洞

Delta Electronics DOPSoft is a Human Machine Interface HMI software suite from Delta Electronics Taiwan, China. A buffer error vulnerability exists in Delta Electronics DOPSoft version 1.0.0.4 and prior versions, which stems from susceptibility to a heap-based buffer overflow. An attacker can...

7.8CVSS8.2AI score0.0023EPSS
Exploits0References2
Rows per page
Query Builder